package com.ruoyi.project.setting.utils;

import com.baomidou.mybatisplus.core.toolkit.StringUtils;
import com.dyun.tool.ssecurity.utils.YunSecurityUtils;
import com.ruoyi.project.setting.security.LoginUser;
import com.ruoyi.project.setting.security.utils.UserUtils;
import com.ruoyi.project.system.entity.SysRole;
import com.ruoyi.project.system.entity.SysUser;
import net.dreamlu.mica.core.utils.$;

/**
 * @author dyun
 */
public class DataScopeUtils {

    /**
     * 全部数据权限
     */
    public static final Integer DATA_SCOPE_ALL = 1;

    /**
     * 自定数据权限
     */
    public static final Integer DATA_SCOPE_CUSTOM = 2;

    /**
     * 部门及以下数据权限
     */
    public static final Integer DATA_SCOPE_DEPT_AND_CHILD = 3;

    /**
     * 部门数据权限
     */
    public static final Integer DATA_SCOPE_DEPT = 4;

    /**
     * 仅本人数据权限
     */
    public static final Integer DATA_SCOPE_SELF = 5;

    public static boolean checkRange(Integer dataScope) {
        return DATA_SCOPE_ALL.equals(dataScope)
                || DATA_SCOPE_CUSTOM.equals(dataScope) || DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)
                || DATA_SCOPE_DEPT.equals(dataScope) || DATA_SCOPE_SELF.equals(dataScope);
    }

    /**
     * mybatisplus datascope sql注入
     *
     * @param tableAlias 当前表昵称
     * @return 数据权限sql
     */
    public static String getDataScopeSql(String tableAlias) {
        return getDataScopeSql(tableAlias, "create_dept", "create_by");
    }

    /**
     * mybatisplus datascope sql注入
     *
     * @param tableAlias 当前表昵称
     * @param deptColumn 当前表部门字段
     * @param userColumn 当前表用户字段
     * @return 数据权限sql
     */
    public static String getDataScopeSql(String tableAlias, String deptColumn, String userColumn) {
        String sqlString = getCustomDataScopeSql(tableAlias, deptColumn, userColumn);

        return buildMPDataScopeSql(sqlString);
    }

    /**
     * 构建符合mybatis plus的数据权限sql
     */
    private static String buildMPDataScopeSql(String sqlString) {
        // 具体参考 com.baomidou.mybatisplus.core.conditions.interfaces.Join<Children> 
        String finalSqlString = " 1={0} ";
        if (StringUtils.isNotBlank(sqlString)) {
            return sqlString.substring(3) + " AND " + finalSqlString;
        }
        return finalSqlString;
    }

    /**
     * 获取数据权限sql
     *
     * @param tableAlias 当前表昵称
     * @param deptColumn 当前表部门字段名称
     * @param userColumn 当前表用户字段名称
     * @return 数据权限sql
     */
    private static String getCustomDataScopeSql(String tableAlias, String deptColumn, String userColumn) {
        LoginUser loginUser = UserUtils.currentLoginUser();
        SysUser user = loginUser.getSysUser();
        StringBuilder sqlString = new StringBuilder();

        // admin不进行过滤
        if (YunSecurityUtils.isAdmin(user.getId())) {
            return sqlString.toString();
        }

        for (SysRole role : loginUser.getRoleList()) {
            // 基于角色的数据权限 role dataScope
            Integer dataScope = role.getDataScope();

            if (DATA_SCOPE_ALL.equals(dataScope)) {
                sqlString = new StringBuilder();
                break;
            } else if (DATA_SCOPE_DEPT_AND_CHILD.equals(dataScope)) {
                sqlString.append($.format(
                        " OR {}.{} IN ( SELECT id FROM sys_dept WHERE id = {} or find_in_set( {} , ancestors ) ) ",
                        tableAlias, deptColumn, role.getCreateDept(), role.getCreateDept()));
            } else if (DATA_SCOPE_DEPT.equals(dataScope)) {
                sqlString.append($.format(" OR {}.{} = {} ",
                        tableAlias, deptColumn, role.getCreateDept()));
            } else if (DATA_SCOPE_SELF.equals(dataScope)) {
                sqlString.append($.format(" OR {}.{} = '{}' ",
                        tableAlias, userColumn, user.getUserName()));
            }
        }

        return sqlString.toString();
    }
}
